Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

XSS sanitize text panels #14984

Merged
merged 4 commits into from
Jan 22, 2019
Merged

XSS sanitize text panels #14984

merged 4 commits into from
Jan 22, 2019

Conversation

jschill
Copy link
Contributor

@jschill jschill commented Jan 22, 2019

Feat:

  • Adds XSS sanitization to text panels
  • Add possibility to disable the sanitization via custom.ini

Questions:

  • Is disable_sanitize_input a good name of the config key? And should it be in the panel section?
  • Did I do the config key flow correct? (First time in go)
  • Do we need to add the sanitization anywhere else? This is only targeting the text panels.

Fixes #4117

@torkelo torkelo merged commit cfdef66 into master Jan 22, 2019
@torkelo torkelo deleted the 4117-xss-sanitize-text-panels branch January 22, 2019 10:29
@torkelo torkelo added this to the 6.0-beta1 milestone Jan 22, 2019
@ying-jeanne ying-jeanne added the pr/external This PR is from external contributor label Apr 29, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
pr/external This PR is from external contributor
Projects
None yet
Milestone
6.0-beta1
Development

Successfully merging this pull request may close these issues.

XSS: Option to disable and / or sanitize html in text panels
3 participants
@jschill @torkelo @ying-jeanne